- Adobe Flash Player
- Adobe AIR
- Adobe Flash Player
- Adobe Acrobat
The new updates were to patch exploits and various vulnerabilities that are "critical" to preform. The vulnerabilities are 0-day exploits that allow attacks to bypass sandbox protection of the Adobe products and run elevated access under windows to natively run code and remotely control slave computers infected by the 0-day.
Kaspersky Labs Global Research and Analysis Team reported CVE-2014-0546, but would not give any technical information as they are not finished with the investigation. The do confirm that the exploit has been run in some recent computers before they were made aware of this exploit.
The specific affected versions are:
- Adobe Flash Player 14.0.0.145 and earlier versions for Windows and Macintosh
- Adobe Flash Player 11.2.202.394 and earlier versions for Linux
- Adobe AIR 14.0.0.110 and earlier versions for Windows and Macintosh
- Adobe AIR 14.0.0.137 SDK and earlier versions
- Adobe AIR 14.0.0.137 SDK & Compiler and earlier versions
- Adobe AIR 14.0.0.137 and earlier versions for Android
Source: http://helpx.adobe.com/security/products/flash-player/apsb14-17.html
No comments:
Post a Comment